6

Maybe I'm crazy, but it looks like the famous code to run Base64 in VB inserts a newline character (ascii 10) at the 73rd position, which subsequently makes the encoded string invalid for Basic authentication - or anything else for that matter.

Original code:

Function Stream_StringToBinary(Text)
  Const adTypeText = 2
  Const adTypeBinary = 1

  'Create Stream object
  Dim BinaryStream 'As New Stream
  Set BinaryStream = CreateObject("ADODB.Stream")

  'Specify stream type - we want To save text/string data.
  BinaryStream.Type = adTypeText

  'Specify charset For the source text (unicode) data.
  BinaryStream.CharSet = "us-ascii"

  'Open the stream And write text/string data To the object
  BinaryStream.Open
  BinaryStream.WriteText Text

  'Change stream type To binary
  BinaryStream.Position = 0
  BinaryStream.Type = adTypeBinary

  'Ignore first two bytes - sign of
  BinaryStream.Position = 0

  'Open the stream And get binary data from the object
  Stream_StringToBinary = BinaryStream.Read

  Set BinaryStream = Nothing
End Function


Function Base64Encode(sText)
    Dim oXML, oNode

    Set oXML = CreateObject("Msxml2.DOMDocument.3.0")
    Set oNode = oXML.CreateElement("base64")
    oNode.dataType = "bin.base64"
    oNode.nodeTypedValue =Stream_StringToBinary(sText)
    Base64Encode = oNode.text
    Set oNode = Nothing
    Set oXML = Nothing
End Function

'------------------- and here goes the encoding -----------------------
  strEnc = Base64Encode( "AVERYLONGUSERNAMEHELLOTHE123:AVERYLONGPASSWORDWHYAREYOUSOLONGREALLYANNOY123")
'----------------------------------------------------------------------

RESULT:

QVZFUllMT05HVVNFUk5BTUVIRUxMT1RIRTEyMzpBVkVSWUxPTkdQQVNTV09SRFdIWUFSRVlP
VVNPTE9OR1JFQUxMWUFOTk9ZMTIz

Looks like this occurs on very long UID/PWD pairs.

Has anyone encountered this?

Improve this question

1 Answer 1

Reset to default
9

This is because of how the Base64 encoding deals with long strings.

From RFC 2045 - 6.8 Base64 Content-Transfer-Encoding
The encoded output stream must be represented in lines of no more than 76 characters each. All line breaks or other characters not found in Table 1 must be ignored by decoding software. In base64 data, characters other than those in Table 1, line breaks, and other white space probably indicate a transmission error, about which a warning message or even a message rejection might be appropriate under some circumstances.

Because it is adding the vbLf (Chr(10)) after the encode should mean you are safe to just remove it using

strEnc = Replace(strEnc, vbLf, "")

Some languages have a "no wrapping" argument that can be passed to stop the Linefeed being added after the 76th character but I don't know of one in the Microsoft XMLDOM implementation, noted here Base64 -- do we really want/need line breaks every 76 characters? it looks as though it was suggested but there is no evidence it was ever implemented.

Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

Good catch. Beats me why MS inserts a break on the 73rd though. I spent quite some time with failing Basic Auth over SSL only to discover the special char that made it into the string.
@access_granted it is a weird one to be honest I'm guessing they didn't want to exceed the 76 character maximum so decided to cut it at 72 instead.
Base64 Encoding does not limit the line length. That 76 character limit and the RFC you quoted belong to MIME. Instead RFC 4648 must be referenced, specifically Section 3.1. On the other hand, 72 character limit is a historic practice that remains from the days of typwriters. As a fun fact about that, you can check the maximum length of lines in those RFC files.
@access_granted MSXML's bin.base64 is an XDR Schema Data Type encoded in MIME style. So this is an expected behavior (it does not matter 72 or 76) and replacing vbLfs just works. I think you should mark the answer as accepted.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.